Cyber Security Engineer

Job Description

Title: Cyber Security Engineer

Company Name: SSL Wireless

Vacancy: --

Age: Na

Job Location: Dhaka

Salary: Negotiable

Experience:

• 1 to 3 years

• Bachelor of Science (BSc) in Computer Science & Engineering
• Bachelor of Science (BSc) in Information Technology

• Bachelor’s degree in Computer Science, Cyber Security, IT, or related field.

• 1 to 3 years

Required Skills & Qualifications

Technical Skills (Offensive)

• Strong understanding of web technologies, networks, and OS internals.
• Experience with offensive tools including:
• Burp Suite, Metasploit, Nmap, Nessus, Wireshark, Kali Linux, SQLMap, BloodHound, etc.
• Familiarity with OWASP Top 10, SANS Top 25, exploit development basics.
• Understanding of AD exploitation, lateral movement, privilege escalation.
• Scripting skills (Python, Bash, PowerShell, JS) are an advantage.

Technical Skills (Defensive)

Basic knowledge of:

• Endpoint protection, EDR, XDR platforms
• Security monitoring fundamentals
• Cyber security product integrations

Ability to support PoC implementations at customer sites.

Soft Skills

• Strong analytical mindset and problem-solving ability.
• Excellent communication and report-writing skills.
• Ability to manage multiple engagements and work under pressure.
• High integrity, ownership, and responsibility.

Educational & Professional Requirements

• 1–3 years of experience in penetration testing, vulnerability assessment, or combined offensive/defensive roles.

Preferred Certifications (not mandatory):

• OSCP, eJPT, CEH, PNPT, eWPT, Security+, or relevant equivalents.

The role plays a critical role in strengthening SSL Wireless’s security posture by proactively identifying, analyzing, and exploiting security weaknesses across applications, networks, and infrastructure. Along with internal assessments, this role is also responsible for conducting Vulnerability Assessment and Penetration Testing (VAPT) services for external customers, ensuring high-quality security engagements that meet industry best practices and client requirements. The position involves hands-on penetration testing, red team support, threat simulations, client communication, and collaboration with internal teams to ensure timely remediation of identified vulnerabilities. The ideal candidate is highly analytical, detail-oriented, and passionate about adversarial security techniques.

Key Responsibilities

1. Offensive Security & VAPT

• Conduct internal and external customer VAPT engagements across networks, web/mobile apps, APIs, and cloud environments.

• Perform manual and automated penetration testing using industry-standard tools.

• Create proof-of-concept exploits and validate vulnerabilities.

• Prepare detailed technical reports and executive summaries.

• Ensure assessments comply with OWASP, NIST, ISO, and SSL Wireless standards.

2. Red Teaming & Threat Simulation

• Support red team operations including phishing, social engineering, and adversarial simulations.

• Utilize MITRE ATT&CK-aligned techniques to emulate real-world threat actors.

• Develop custom payloads and attack chains when required.

3. Defensive Security & Endpoint Operations

• Maintain basic operational knowledge of defensive security tools and concepts.

• Support endpoint security, including antivirus, EDR, and XDR solutions.

• Assist in alert validation, incident response coordination, and monitoring when necessary.

• Work with defensive teams to ensure attack findings translate into improved detection and hardening.

4. Cyber Security Product PoC & Client Engagement

• Participate in PoC deployments at customer premises for cybersecurity solutions (EDR, XDR, SIEM, NAC, etc.).

• Demonstrate product functionality, assist technical teams, and support customer onboarding.

• Coordinate with sales, product, and technical teams to ensure smooth PoC execution.

• Provide technical feedback and improvements based on customer requirements.

5. Collaboration & Continuous Improvement

• Work closely with Infrastructure, DevOps, Network, and Application teams on remediation.

• Support the creation of security playbooks, guidelines, and offensive methodology documents.

• Stay updated with global threat trends, CVEs, tools, and exploitation techniques.

• Attractive salary as per industry best practice.

• Yearly salary review based on performance.

• Weekly 2 holidays.

• 2 festival bonuses (Yearly).

• Weekly medical consultancy.

• Annual leave encashment.

• Medical coverage.

• Congenial & friendly working environment.